Method for monitoring and auditing confidential paper transfer
Technical field
The invention belongs to the field of computer information security technology, and is specifically a method for monitoring and auditing the transfer of confidential papers.
Background technology
A confidential paper is an object that carries state secrets in the form of words, numerals, images, sound and the like. It includes files and data on traditional paper media, as well as state secret carriers such as magnetic media and optical media. Confidential papers carry a large amount of state secrets, and a leak threatens national security and interests, so the relevant national secrecy departments have issued strict management systems and specifications for confidential papers. After a confidential paper is produced, it may circulate between people as work requires.
The method generally used for transferring a confidential paper is that the transferor and the recipient carry out the transfer themselves. First, the recipient checks the confidential paper information and counts the number of pages and the number by hand. Then the transfer date, file name, level of confidentiality, number of pages, number and so on are registered in the secrecy sheets of both parties. The recipient then signs in the transferor's secrecy sheet, and the transferor signs to confirm in the recipient's secrecy sheet.
The existing confidential paper transfer method lacks monitoring and management by technical means and depends on the secrecy awareness and sense of responsibility of each party to the transfer. There are many problems, both in supervising and managing the hand-over and in security auditing. For example, it cannot be ensured that a confidential paper is transferred within its authorized scope, so there is a risk of widening the scope of people who know the confidential paper; because of intentional or unintentional mistakes, counting confidential papers by hand can hardly guarantee accuracy; transfer registration is not enforced, so registration errors or forgotten registrations can occur; and hand-written secrecy sheets are inconvenient to preserve, query, compile statistics from and audit.
The content of the invention
The purpose of the present invention is to overcome the deficiencies of the prior art by proposing a confidential paper transfer monitoring and auditing method that effectively improves security and accuracy. The method ensures that a confidential paper can only be transferred between authorized persons, thereby avoiding unintentionally widening the scope of people who know the confidential paper.
The method for monitoring and auditing confidential paper transfer uses a self-service transfer terminal, a barcode scanner, a client computer and a server. The self-service transfer terminal and the client computer are connected to the server through a network and exchange data with it; the barcode scanner passes barcode data to the self-service transfer terminal through the terminal's serial port.
The self-service transfer terminal includes a CPU module, a power supply, memory, a Flash module, a liquid crystal touch screen, a card reading module, a buzzer, a network card and a serial port. The CPU module processes the data obtained from the card reading module, the liquid crystal touch screen and the serial port, and exchanges it with the server's data through the network. The Flash module stores the system files and human-computer interaction interface required during start-up and operation of the self-service transfer terminal.
The operating steps of the confidential paper transfer monitoring and auditing method are as follows:
A. Before the transfer application, a unique confidential paper identity is fixed on the confidential paper, and the number of pages and bar code numbers of each confidential paper, together with its owner, are recorded on the server. The confidential paper identity can be a bar code or a two-dimensional bar code;
B. The transferor initiates a confidential paper transfer application on the client computer. The application information includes the confidential paper name, level of confidentiality, number, number of pages, recipient's name and transfer reason;
C. The approver logs in to the client computer and carries out the transfer approval for the confidential paper;
D. After the approval passes, the transferor swipes a card or enters an account and password at the self-service transfer terminal for identity authentication;
E. After authentication passes, the transferor selects the transfer approval record on the liquid crystal touch screen and starts the hand-over operation;
F. The transferor scans the bar code on the confidential paper page by page with the barcode scanner;
G. The recipient swipes a card or enters an account and password at the self-service transfer terminal for identity authentication and confirms the transfer.
The confidential paper transfer method of the present invention effectively realizes monitoring and security auditing of the confidential paper transfer process. In addition, the self-service transfer terminal has a low implementation cost and is easy to deploy and operate. The technology of the present invention is therefore highly practical and suitable for promotion and application in related technical fields.
Brief description of the drawings
The accompanying drawings are provided to aid further understanding of the present invention and form part of this patent, but do not constitute an improper limitation of the present invention. In the drawings:
Fig. 1 is a schematic diagram of the confidential paper transfer monitoring and auditing of the present invention;
Fig. 2 is a flow chart of the confidential paper transfer monitoring and auditing of the present invention.
In the figures: 1, self-service transfer terminal; 2, barcode scanner; 3, client computer; 4, server; 5, CPU module; 6, power supply; 7, memory; 8, Flash module; 9, liquid crystal touch screen; 10, card reading module; 11, buzzer; 12, network card; 13, serial port.
Embodiment
To make the technical scheme and features of the present invention clearer, the present invention is described in further detail below with reference to an embodiment and the accompanying drawings. The following embodiment is used to illustrate the present invention, but does not limit its scope.
As shown in Fig. 1, the equipment for confidential paper transfer monitoring and auditing includes a self-service transfer terminal 1, a barcode scanner 2, a client computer 3 and a server 4. The self-service transfer terminal 1 and the client computer 3 exchange data with the server 4 through a network. The self-service transfer terminal 1 includes a CPU module 5, a power supply 6, memory 7, a Flash module 8, a liquid crystal touch screen 9, a card reading module 10, a buzzer 11, a network card 12 and a serial port 13. The CPU module 5 processes the data obtained from the card reading module 10, the liquid crystal touch screen 9 and the serial port 13, and exchanges it with the data of the server 4 through the network. The card reading module 10 identifies the user by reading the card number; when the card is read correctly, the buzzer 11 sounds a "tick" prompt tone to indicate that the card swipe is valid. The liquid crystal touch screen 9 handles human-machine information interaction. The Flash module 8 stores the system files and human-computer interaction interface required during start-up and operation of the self-service transfer terminal 1. The barcode scanner 2 passes barcode data to the self-service transfer terminal 1 through the serial port 13 of the terminal.
As shown in Fig. 2, the confidential paper transfer monitoring and auditing method is divided into three steps: the first step is the transfer application for the confidential paper; the second step is the transfer approval of the confidential paper; the third step is the operation at the self-service transfer terminal 1:
First step: transfer application for the confidential paper
Before a confidential paper is transferred, a unique identity should be fixed on it, for example a bar code or two-dimensional bar code embedded on every page of a paper document, so that every page of the confidential paper can be identified. The number of pages and bar code numbers of each confidential paper, and its owner, are recorded on the server 4.
The transferor also needs to initiate a confidential paper transfer application on the client computer 3. The application information includes the confidential paper name, level of confidentiality, number, number of pages, recipient's name, transfer reason and so on.
Second step: transfer approval of the confidential paper
After the application is submitted, the system notifies the first-level approver, who can view the information about the transfer application and review it after logging in to the approval client. If the approval passes, the applicant receives a message agreeing to the transfer, and the applicant and the recipient can go to the self-service transfer terminal 1 to carry out the confidential paper transfer. If the approval is rejected, the applicant receives a message refusing the transfer and can view the reason for rejection. The software on the server 4 provides configuration management of the approval process. The approval process can be configured according to the user's requirements and can support single-level approval or multi-level approval. For example, the transfer of secret papers can be set to single-level approval, and the transfer of secret files to two-level approval.
Adding an approval step before the transfer standardizes the process and effectively ensures that confidential papers can only circulate between authorized personnel.
Third step: operation at the self-service transfer terminal 1
To log in to the self-service transfer terminal 1, a user must first be identified. The card reading module 10 of the self-service transfer terminal 1 has an embedded card reader chip that supports reading the mainstream contactless cards on the market, such as HID, Mifare and EM. When the user swipes a card in the effective reading area of the self-service transfer terminal 1, the buzzer 11 sounds a "tick" prompt tone to tell the user that the swipe is valid. The CPU module 5 compares the card number read by the card reading module 10 with the valid user identity information on the server 4 to identify the user. If authentication succeeds, the user can log in to the self-service transfer terminal 1; otherwise the liquid crystal touch screen 9 reports that user authentication failed and the user cannot log in. Identity can also be verified by entering an account and password on the liquid crystal touch screen 9.
After the user has logged in to the self-service transfer terminal 1, the liquid crystal touch screen 9 shows the list of approved confidential paper transfers, and the user can select one transfer record to start the confidential paper transfer.
The user first scans the bar code of every page of the confidential paper with the barcode scanner 2, and the CPU module 5 sends the bar code information to the server 4. The server 4 uses this bar code information to look up the owner of the confidential paper and judges whether the currently logged-in user is that owner. If so, it verifies whether the number of scanned bar codes and their numbers are consistent with the actual number of pages and the bar code numbers of the confidential paper. If they are consistent, the liquid crystal touch screen 9 asks whether to transfer the confidential paper.
If the transfer is confirmed, the liquid crystal touch screen 9 prompts the recipient to swipe a card, and the CPU module 5 sends the card number to the server 4. The server 4 judges whether the person swiping the card is the recipient named in the approval record. If so, the server 4 records the recipient's information and the liquid crystal touch screen 9 reports that the transfer succeeded, which ends the confidential paper transfer process.
If, during the hand-over operation, the owner of the confidential paper is not the transferor, or the bar code numbers and number of pages of the paper being transferred do not match the registered bar code numbers and actual number of pages, or the person swiping the card is not the recipient named in the approval record, the liquid crystal touch screen 9 reports that the hand-over operation cannot be carried out and the transfer fails.
In addition, the server 4 automatically records a confidential paper transfer approval log and a hand-over operation log. The approval log includes the approval time, applicant, name of the transferred file, approver, approval result and so on; the hand-over operation log includes the transfer time, transferor, recipient, file name, level of confidentiality, number, number of pages and transfer result.
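The server-side checks and the hand-over operation log described above can be sketched as follows. This is an added example, not code from the patent; the class, field and function names and the sample data are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class Paper:                      # registered on the server before any transfer (step A)
    name: str
    level: str
    owner: str
    barcodes: list                # one bar code number per page

@dataclass
class Approval:                   # a transfer application after review (steps B and C)
    paper_id: str
    recipient: str
    approved: bool

@dataclass
class Server:
    papers: dict
    audit_log: list = field(default_factory=list)

    def verify_transfer(self, approval, login_user, scanned, card_holder):
        """Return (ok, reason) and always append a hand-over log entry."""
        paper = self.papers[approval.paper_id]
        if not approval.approved:
            reason = "application not approved"
        elif login_user != paper.owner:
            reason = "transferor is not the owner"
        elif sorted(scanned) != sorted(paper.barcodes):
            # multiset comparison: catches a missing page, an extra page,
            # a foreign bar code, and one page scanned twice
            reason = "bar codes or page count do not match"
        elif card_holder != approval.recipient:
            reason = "card holder is not the approved recipient"
        else:
            reason = None
        # failed attempts are logged too, so the audit trail shows them
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "transferor": login_user, "recipient": card_holder,
            "file": paper.name, "level": paper.level,
            "pages": len(scanned), "result": reason or "success",
        })
        return reason is None, reason

def sample_server():
    """Constructed sample data, not taken from the patent."""
    paper = Paper("Plan-A", "secret", "alice", ["P001", "P002", "P003"])
    return Server({"doc-1": paper}), Approval("doc-1", "bob", True)
```

Comparing the sorted lists rather than only the page count means that scanning one page twice in place of a missing page is rejected.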
Users can log in to the server 4 to query their own confidential paper transfer history. Managers can also query confidential paper transfers and so easily grasp the full picture of confidential paper ownership, which benefits the management and tracing of confidential paper circulation.
Obviously, the above embodiment is only an example given to illustrate the present invention clearly and does not limit the embodiments of the present invention. Those of ordinary skill in the art can make other variations or changes in different forms on the basis of the above description. It is not possible to list all embodiments exhaustively here. Any obvious variation or change derived from the technical solution of the present invention remains within the protection scope of the present invention.